The 10 most common types of malware, and how to avoid them

Trojans, applications, and backdoors top the list of types of malware detected worldwide in 2017, according to Comodo Threat Research Labs.

What is multi-stage malware?It's not a new trick, but it's new to mobile devices. Here's why multi-stage malware is so dangerous to Android smartphones.

Building a slide deck, pitch, or presentation? Here are the big takeaways:

Trojans, applications, and backdoors top the list of most common types of malware detected worldwide in 2017 — Comodo Threat Research Labs, 2018

In 2017, Russia saw 8.8% of all malware detections, and the US saw 8.6%. — Comodo Threat Research Labs, 2018

Trojans, applications, and backdoors top the list of the most common types of malware detected worldwide in 2017, according to a Thursday report from Comodo Threat Research Labs. Malware attacks were detected in 225 country codes, representing almost every nation-state on Earth, the report found.

Rounding out the top 10 in terms of attack types were worms, unsafe apps, unwanted apps, viruses, packers, email worms, and constructors, the report found.

The level of complexity in attacks continues to grow: In 2017 alone, Comodo detected 3,704 unique trojan families, 708 unique application malware families, and 1,621 unique backdoor families. This means businesses should consider focusing limited security resources on these areas, as they are more likely to become points of attack.

On a more positive note, most malware types remained even or declined in Q4 2017, the report noted. The only exception was backdoors, which saw a significant rise that quarter, and will likely continue to increase in Q1 2018.

Computer hacking has become a professional discipline, the report stated, and attacks will continue to grow in sophistication and number.

"If you manage an important network, these historical dynamics mean at least three things," the report stated. "First, your computer network is vulnerable. Second, at some point it will be targeted by an advanced hacker. Third, due to the international architecture of the internet, law enforcement may not be able to help you very much. For the most part, when it comes to cybersecurity, we are all on our own."

However, there are many things security and business professionals can do to protect their data, customers, and reputation, including keeping software up to date, retaining offline backups, and teaching employees how to detect social engineering attacks.

A majority of security incidents took place in the Russia (8.8% of all detections) and the US (8.6%), the report found. Rounding out the top 10 were Brazil, India, Canada, Germany, China, Poland, Turkey, the UK, and the Ukraine.

Computer network operations are regularly used to support political, intelligence, military, and business initiatives worldwide, it also noted.

"The takeaway for enterprises is that as political and/or military tension increases, so do the volume and sophistication of malware propagation and use," the report stated. "Within specific verticals, we have also shown that each is plagued by a peculiar mix of malware types, families, and threat actors, which gives each person, business, nation, country, and even continent a unique malware profile. This insight is critical because it should encourage each enterprise to create a unique set of network defenses ideally constructed for the particular set of threat actors and operations it faces."

Cybersecurity Insider Newsletter

Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
Delivered Tuesdays and Thursdays